A variety of security techniques are known for protecting information in and controlling the operation of a computing device such as a personal computer, a server or a mobile device. For example, physical and/or cryptographic techniques may be employed to control access to the computing device and to data stored in the computing device. Physical security techniques may include locating the computing device in a secure location, locking the computing device in an enclosure, protecting integrated circuits (i.e., chips) from invasive monitoring by encapsulating the chips in, for example, an epoxy.
Cryptographic techniques may include one or more of encryption, decryption, authentication, signing and verification. In some applications data encryption and decryption techniques may be used to prevent unauthorized applications or persons from accessing data stored in the computing device. For example, security passwords that are used to restrict access to a PC may be stored on the PC in an encrypted form. The operating system may then decrypt the password when it needs to compare it with a password typed in by a user.
In practice, there may be circumstances during which the use of secret credentials such as a password or cryptographic key may be compromised. For example, when a user uses a computing device to access confidential information, the user may first need to enter the secret credentials into the computing device. The computing device may process these credentials to determine whether the user is authorized to access the confidential information.
In the event the computing device has been comprised (e.g., by a hacker or code such as a computer virus, spyware, a Trojan horse, etc.) an unauthorized person may gain access to these credentials. As a result, an unauthorized person may be able to access the confidential information. Serious consequences may result when the confidential information includes sensitive information such as financial data or personal information.
In response to concerns such as these, the Trusted Computing Group (“TCG”) developed a specification for a trusted platform module (“TPM”). In general, a TPM provides a mechanism to securely generate and maintain keys used by an associated system (e.g., a computer within which the TPM is embedded). The TPM may be configured such that the TPM only uses keys when the TPM has verified that the keys are protected and the system has not been compromised. For example, the TPM may use a secure boot procedure and may only execute authenticated code.
A TPM may incorporate physical means of protection. For example, all of the functionality of the TPM may be implemented within a single integrated circuit. In addition, the TPM hardware may be protected using tamperproof and/or tamper evident techniques such as epoxy encapsulation.
A TPM also may use cryptographic techniques to protect information that it stores outside of the TPM. For example, the TPM includes at least one cryptographic processor that may be used, for example, to encrypt cryptographic keys or other sensitive data before the TPM stores the data in a data memory located outside of the TPM. Moreover, the TPM may not expose the keys used for this encryption outside the boundary of the TPM. For example, the TPM may never allow the encryption/decryption key to leave the TPM boundary.
In a conventional TPM application, the TPM generates and maintains keys for a user. For example, a user authorized to use the system within which the TPM is implemented may request the TPM to generate a key (hereafter referred to as the “user key”). Here, the TPM may require the user to create a password associated with the user key. The TPM will thus only enable use of the user key upon verification of the password. After the TPM generates the user key the TPM uses another key to encrypt the user key. This enables the TPM to securely store the user key outside of the TPM. This higher level key also may be encrypted and stored outside the TPM.
When a user wishes to use the user key (e.g., to encrypt or decrypt data), the user (e.g., via an application) sends the data to an encryption/decryption application and sends the password to the TPM. The TPM receives the appropriate higher level key (which is normally stored in external memory), uses an internal cryptographic processor to decrypt the key, then releases the key to the encryption/decryption application.
Similarly, when a user uses the TPM to sign data with the user key, the user sends the data and the password to the TPM. Again, TPM receives the appropriate higher level key (normally stored in external memory) and uses an internal cryptographic processor to decrypt the user key. Next, the TPM uses the user key in an internal cryptographic processor to sign the data. The TPM then sends the signed data to the user (e.g., to the user's application).
One advantage of a TPM-enabled system is that in the event the system is stolen, the thief may not be able to access the keys protected by the TPM. Consequently, the thief may not be able to access any information protected by those keys.
Further embodiments, features, and advantages of the present invention, as well as the operation of the various embodiments of the present invention, are described below with reference to the accompanying drawings.